The Current State of Web Application Worms
It provides an overview of Cross-Site Scripting (XSS), Methods of Propagation, comments on the First XSS Worm, a worst case scenario, and of course protection methods, nice graphs and overview of this emerging trend. In my "Future Trends of Malware" research I indeed pointed out on its emergence :
The link for this article located at Dancho Danchev is no longer available.